Download IS460ASPStateManagement

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
Document related concepts

Clusterpoint wikipedia , lookup

Database model wikipedia , lookup

Object-relational impedance mismatch wikipedia , lookup

Team Foundation Server wikipedia , lookup

Microsoft SQL Server wikipedia , lookup

Transcript 
State Management
Lecture Overview

Client state management options


Server state management options




Cookies
Application state
Session state
View state
All Web technologies implement state
management in some way
Introduction to State
Management

Remember that ASP.NET (and the Web) is
stateless


The Web server does not keep track of past
client requests
Different technologies handle the issue of
statement management differently



ASP.NET is somewhat unique in this regard
But PHP works similarly
And so does JSP
JSP State Management

Uses a session object like ASP does
Session attributes are key value pairs
Call setAttribute to set a session variable
Call getAttribute to get a session variable

We can also use cookies



PHP State Management



PHP also uses a session object
Call session_start() to create a new variable
Use $_SESSION to set session variables
PHP State Management
Types of State Management

ASP.NET offers two categories of state
management



Pure client-side statement management
Server-side state management
We can use both concurrently
State Management (Issues)


Client state management consumes
bandwidth and introduces security risks
because sensitive data is passed back and
forth with each page postback
Preserving state on a server can overburden
servers

We also must consider Web farms and Web
gardens
Web Farm

A single ASP.NET application is hosted on
multiple web servers
Web Garden

A single application pool contains multiple
worker processes run across multiple CPUs
Client State Management
(Types)





View state
Control state
Hidden fields
Cookies
Query strings
State Management
(ViewState)

ViewState works in a couple of different
ways



It’s managed for you automatically via the
ASP.NET infrastructure
Or you can take control yourself via the
ViewState object
ViewState only provides state for a single
page

It won’t work with cross-page postbacks or
other page transfers
State Management
(ViewState) (auto)

Just enable ViewState and the corresponding
control retains is value from one postback to the next




This happens by default
You can disable ViewState at the page level
 <%@ Page EnableViewState=”false” %>
While simple, it does add overhead in terms of page
size
MaxPageStateFieldLength controls the
maximum page size
State Management
(ViewState) (manual)



ViewState can be set on the server up to
the Page_PreRenderComplete event
You can save any serializable object to
ViewState
The information is really just saved in hidden
fields
State Management
(ControlState)

The ControlState property allows you to
persist information as serialized data



It’s used with custom controls (UserControl)
The wiring is not automatic
You must program the persisted data each
round trip

The ControlState data is stored in hidden
fields
State Management
(Hidden Fields)




Use the HiddenField control to store
persisted data
The data is stored in the Value property
It’s simple and requires almost no server
resources
It’s available from the ToolBox and works
much like a text box control
State Management (Cookies)

Use to store small amounts of frequently
changed data




Data is stored on the client’s hard disk
A cookie is associated with a particular URL
All data is maintained as client cookies
Most frequently, cookies store personalization
information
Cookie Limitations




While simple, cookies have disadvantages
A cookie can only be 4096 bytes in size
Most browsers restrict the total number of
cookies per site
Users can refuse to accept cookies so don’t
try to use them to store critical information
Cookies Members

Use the Response.Cookies collection to
reference a cookie



Value contains the cookie’s value
Expires contains the cookie’s expiration date
Cookies can also store multiple values using
subkeys


Similar to a QueryString
It’s possible to restrict cookie scope by setting
the Path property to a folder
Server State Management
Options




Application state
Session state
Profile properties
Database support
Server State Management

HttpApplicationState applies to your
entire application


HttpSessionState applies to the
interaction between a user’s browser session
and your application


Application object
Session object
Page caching also relates to state
management
The Application’s State
(Introduction)

An instance of the HttpApplicationState
object is created the first time a client
requests a page from a virtual directory

Application state does not work in a Web farm
or Web garden scenario


It’s volatile – If the server crashes, the data is
gone


Unless we push data to a database
Unless we persist out of process
It’s really just a collection of key/value pairs
The HttpApplicationState
Class (Members 1)



The AllKeys property returns an array of
strings containing all of the keys
Count gets the number of objects in the
collection
Item provides read/write access to the
collection
The HttpApplicationState
Class (Members 2)

StaticObjects returns a reference to
objects declared in the global.asax file



<object> tags with the scope set to
Application
The Add method adds a new value to the
collection
The Remove method removes the value
associated with a key
The HttpApplicationState
Class (Members 3)

Lock and Unlock lock the collection,
respectively


Get returns the value of a collection item


Not an ASP topic but a thread synchronization
topic
The item can be referenced by string key or
ordinal index
Set store a value corresponding to the
specified key

The method is thread safe
Application State
(Best Practices)

Memory to store application state information
is permanently allocated



You must write explicit code to release that
memory
So don’t try to persist too much application state
information
The Cache object, discussed later, provides
alternatives to storing application state
information
Profile Properties





It’s a way to permanently store user-specific
data
Data is saved to a programmer-defined data
store
It takes quite a bit of programming
The whole thing is unique to windows
We will not use profiles in this course
Session State (Introduction)


It is used to preserve state for a user’s
‘session’
Session state works in Web farm or Web
garden scenarios



Use OutProc state server or sql server
Session data can be stored in databases such
as SQL Server or Oracle making it persistent
It’s very powerful and the features have been
significantly enhanced in ASP 2.0
Session State (Configuration)

The <web.config> file contains a
<sessionState> section

The entries in this section configure the state
client manager
Web.Config
<sessionState>
<sessionState mode="[Off|InProc|StateServer|SQLServer|Custom]"
timeout="number of minutes" cookieName="session identifier
cookie name" cookieless=
"[true|false|AutoDetect|UseCookies|UseUri|UseDeviceProfile]
" regenerateExpiredSessionId="[True|False]"
sqlConnectionString="sql connection string"
sqlCommandTimeout="number of seconds"
allowCustomSqlDatabase="[True|False]"
useHostingIdentity="[True|False]"
stateConnectionString="tcpip=server:port"
stateNetworkTimeout="number of seconds"
customProvider="custom provider name">
<providers>...</providers> </sessionState>
Session State Providers (1)

Custom – State information is saved in a
custom data store


InProc – State information is preserved in
the ASP.NET worker process named
(aspnet_wp.exe or w3wp.exe)


Like a database
This is the default option
Off – Session state is disabled
Session State Providers (2)

SQLServer – State data is serialized and
stored in an SQL server instance


This might be a local or remote SQL Server
instance
StateServer – State information is stored
in a separate state server process
(aspnet_state.exe)

This process can be run locally or on another
machine
Session State Providers
(Best Practices)

Use an SQL server provider to ensure that
session state is preserved


Note that there is a performance hit here
because the session information is not stored in
the page
The InProc provider is not perfect

The ASP worker process might restart thereby
affecting session state
Session State Identifiers


Browser sessions are identified with a unique
identifier stored in the SessionID property
The SessionID is transmitted between the
browser and server via


A cookie if cookies are enabled
The URL if cookies are disabled

Set the cookieless attribute to true in the
sessionState section of the Web.config file
HttpSessionState
(Members 1)

CookieMode describes the application’s
configuration for cookieless sessions




IsCookieless is used to depict whether
cookies are used to persist state
IsNewSession denotes whether the session
was created with this request
SessionID gets the unique ID associated
with this session
Mode denotes the state client manager being
used
HttpSessionState
(Members 2)




Timeout contains the number of minutes to
preserve state between requests
Abandon sets an internal flag to cancel the
current session
Add and Remove add or remove an item to
the session state
Item reads/writes a session state value

You can use a string key or ordinal index value
Related documents
SSEMI2: Law of Demand, Law of Supply
SSEMI2: Law of Demand, Law of Supply
Disclaimer/Cookies
Disclaimer/Cookies
SESSION AND COOKIE MANAGEMENT IN .NET
SESSION AND COOKIE MANAGEMENT IN .NET
Online Security - Nassau Financial
Online Security - Nassau Financial
Data Mining / Partitioning Example Training Data Set Validation
Data Mining / Partitioning Example Training Data Set Validation
From Browsing to Interacting: DBMS Support for Responsive Websites
From Browsing to Interacting: DBMS Support for Responsive Websites
Supply and Demand Graphs
Supply and Demand Graphs
Rock Cookie Lab
Rock Cookie Lab
Cookies in Cookie Jars
Cookies in Cookie Jars
Web Privacy
Web Privacy
Session and State Management
Session and State Management